Should go to (re-)mount home [and other?] with noexec (and nosuid [among other useful mount options]) for better security?
We talked about this before when trying to mount /proc with hidepid=2.
TL;DR: We created a few issues upstream and nothing really came of it (yet).